EIP-2026-115770

PRE-CVE

Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 - Buffer Overrun

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115770. PoCs published by cesaro.

AI-analyzed exploit summary This is a writeup describing a buffer overflow vulnerability in Microsoft SQL Server via the Jet Database Engine. The vulnerability can be triggered by supplying a query with more than 276 characters through specific methods like 'openrowset' or 'Openquery'.

Description

Microsoft SQL Server 7.0/2000 JET Database Engine 4.0 - Buffer Overrun

Exploits (1)

exploitdb WRITEUP VERIFIED

by cesaro · textdoswindows

https://www.exploit-db.com/exploits/22576

View Code ZIP pw:eip

This is a writeup describing a buffer overflow vulnerability in Microsoft SQL Server via the Jet Database Engine. The vulnerability can be triggered by supplying a query with more than 276 characters through specific methods like 'openrowset' or 'Openquery'.

Classification

Writeup 80%

Attack Type

Dos

Complexity

Trivial

Reliability

Theoretical

Target: Microsoft SQL Server with Jet Database Engine 4.0

No auth needed

Prerequisites: Access to a Microsoft SQL Server instance with Jet Database Engine 4.0 · Ability to execute SQL queries

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026